NRB IT POLICY 2068

Use of modern Information and Communication Technology (ICT) is indispensable to carry out banking functions more effectively and efficiently. As banks are recently exposed to modern ICT, it needs to capitalize the opportunities available and face the challenges created by it. Increased use of ICT in business operations and service delivery by adopting innovative ICT system, and using emerging cloud computing services has to be encouraged. For these, NRB guidelines formulate the strategic plans to implementation of state-of-the-art ICT system for banks including Data Centre, Production Site and Disaster Recovery (DR) Site.

NRB’s existing ICT policy and guidelines includes outsourcing the non-core ICT services, promoting automation in the Bank, strengthening institutional memory through digitization and safeguarding the information management system. In this regard, NRB’s ICT policy and guidelines has to be amended to accommodate the emerging changes in the ICT system as per time needs. It is important to protect the system from potential cybercrimes, hardware breakdown, network failures, and unauthorized access to data and information.

The use of information technology by banking sector has changed the way they do their business. It has become a part of business rather than supporting factor of business and has created challenges of managing and governing it in changing environment. Issues of tackling with changes in technology, migrating system from one to another, maintain adequate internal control system, limiting access to system and data from unauthorized access, securing electronic transactions , meeting legal requirements, managing outsourcing services, and managing other IT related risks have been emerged in banking sector.

 

1.     Ensure efficient, effective and economic IT operation by implementing appropriate IT systems, e.g., Financial Information System (FIS), Management Information System (MIS), Enterprise Resource Planning (ERP) System, Real Time Gross Settlement System (RTGS), Scripless Securities Settlement System (SSSS) etc.

2.     Maintain well structured, secured physical layout of its IT infrastructure with proper documentation.

3.     Maintain multilevel security for Information.

4.     Implement IT system audit.

5.     Develop, implement and maintain data backup and recovery policy.

6.      Establish and maintain efficient, effective and economic Disaster Recovery (DR) System as an instrument to "Fail Safe System" with minimum down time. Also, develop and maintain Business Continuity Plan (BCP).

7.     Develop and implement IT Outsourcing and Third Party involvement mechanism.

8.     Maintain uniform and legitimate IT infrastructure in all its offices.

9.     Provide IT directives to licensed Banks and Financial Institutions.

10.                        Set a standard for IT procurement and shall be reviewed based on technological development.

11.                        Promulgate "NRB IT Code of Conduct" for proper usage of NRB IT resources.

12.                         Strengthen IT capacity building of employees

Conclusion,

NRB has felt necessary to regulate and guide IT related 12 activities as a guidelines  for commercial banks with the objectives of strengthening banks for tacking with emerging cyber frauds, managing information technology prudently and mitigating risk aroused from implementation of information technology.

 

Online Reference

Nepal Rastra Bank                                     www.nrb.org.np




Comments

Post a Comment

Popular posts from this blog

Public Private Partnership (PPP) Model of Development in Nepal

1. Background ¨   Development of essential public infrastructure and services (including roads, bridges, airports, modern means of communication, drinking water, irrigation, electricity, railways, cable car, ropeways ) is imperative for achieving sustainable economic growth of the country.  ¨   The means and resources allocated from national treasury fall short of what is required for the construction and operation of infrastructure services. ¨   It is desirable to make assets of public utility and operation of public services less costly, effective and reliable. ¨   For this the means, resources, skills and technology available with the private sector must be attracted towards development works of the nation based on the concept of Public Private Partnership (PPP). ¨   It is believed that the contribution of infrastructure services built on this model is crucial and effective for providing momentum to economic development and ¨   ...
Read more

ADVANTAGES AND DISADVANTAGES OF MATRICES ORGANIZATION STRUCTURE

Image
A matrix organizational structure is one of the most complicated reporting structures a company can implement. Read on to learn why a company might implement a matrix structure, and the advantages and disadvantages for both company and staff.In another way it  is a company structure in which the reporting relationships are set up as a grid, or matrix, rather than in the traditional hierarchy. In other words, employees have dual reporting relationships - generally to both a functional manager and a product manager. Examples of Matrix Organizational Structures In the 1970s, Philips, a Dutch multinational electronics company, set up matrix management with its managers reporting to both a geographical manager and a product division manager. Many other large corporations, including Caterpillar Tractor, Hughes Aircraft, and Texas Instruments, also set up reporting along both functional and project lines around that time. Advantages In a matrix o...
Read more